mcp-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly documents and registers tools that fetch public social-media and web content (e.g., "search_tweets"/"surf_twitter_search" in the Tool Design examples and the Server Instructions string "Data API for Twitter, Reddit, and web search", plus handler snippets that call fetchTweets/fetch(url)), so the agent is expected to ingest untrusted third‑party user-generated web content that can influence subsequent actions.